A senior Microsoft security engineer will join a Belgian public sector organisation to design and implement Zero Trust defence strategies across Microsoft cloud services and the modern workplace. The role focuses on Azure security, Microsoft Defender, Purview and DLP to protect identities, endpoints, cloud workloads and sensitive data while working closely with the CISO, DPO and infrastructure teams.
The mission
The programme covers identity and access management, endpoint protection, cloud security and data protection across Microsoft 365 and Azure. You will work within an established security team and contribute to a staged rollout of Zero Trust controls that affect users across the organisation, including protection for hybrid on-premise and cloud infrastructure. Work will include configuring Microsoft Defender, Purview classification and DLP and integrating these controls with Azure DevOps pipelines for secure delivery.
Day to day you will assess risk, translate business requirements into secure architectures, and implement technical controls. Typical responsibilities include incident detection and remediation, designing Conditional Access and identity protection, creating data protection policies, and producing compliance reports and operational runbooks. You will liaise with stakeholders such as the DPO, crisis management, architects and operations to ensure controls are understood and maintained.
A short compliance note, you will be asked to declare any potential conflicts of interest; prior engagements with the contracting authority within a recent period may affect eligibility.
Your responsibilities
- Design and deliver Zero Trust security architectures using Azure, Azure AD Conditional Access, Microsoft Defender and Microsoft Purview to protect identities, endpoints and data
- Implement and tune data loss prevention policies and classification workflows with Purview and DLP to reduce data exposure for sensitive systems
- Configure and operate detection, alerting and response using Microsoft Defender, integrating outcomes into incident management and escalation procedures
- Translate business and compliance requirements into practical security controls and technical architectures for hybrid environments
- Automate secure deployment and policy enforcement through Azure DevOps pipelines and infrastructure-as-code where appropriate
- Produce clear compliance reports, runbooks and stakeholder-facing documentation for the CISO, DPO and operations teams
Your profile
Essential skills
- Proven experience implementing Microsoft security controls across Azure and Microsoft 365 environments
- Practical knowledge of Microsoft Defender stack, Microsoft Purview and DLP technologies
- Strong skills in identity and access management, including Azure AD, Conditional Access and identity protection
- Experience with cloud security operations for hybrid infrastructures and incident response practices
- Ability to translate technical security concepts into stakeholder-facing reports and compliance documentation
- Familiarity with Azure DevOps for CI/CD and policy automation